Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
File:                     r39NEPAZQ0EHs7XcU6yakZjFxH0.mft (raw, json)
Hash identifier:          /mOYNTvQqJmNJmHc7v6dur8dqSl3n1u2hNS9j12aZGA=
Subject key identifier:   D2:D3:A2:D8:DA:6C:3A:80:DD:17:F5:87:8D:E8:77:22:9F:85:00:93
Authority key identifier: AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D
Certificate issuer:       /CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
Certificate serial:       0199225556B9CD17A58DD9C2D2746CC6DC21
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
Manifest number:          0E60
Signing time:             Sun 07 Sep 2025 04:00:41 +0000
Manifest this update:     Sun 07 Sep 2025 04:00:41 +0000
Manifest next update:     Mon 08 Sep 2025 04:00:41 +0000
Files and hashes:         1: r39NEPAZQ0EHs7XcU6yakZjFxH0.crl (hash: RbtOBaMFmeRC96mSf6iaSmkzNNEdOt3RpXMYkJ/KRYo=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 08 Sep 2025 04:00:41 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:22:55:56:b9:cd:17:a5:8d:d9:c2:d2:74:6c:c6:dc:21
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=af7f4d10f019434107b3b5dc53ac9a9198c5c47d
        Validity
            Not Before: Sep  7 04:00:41 2025 GMT
            Not After : Sep  8 04:00:41 2025 GMT
        Subject: CN=d2d3a2d8da6c3a80dd17f5878de877229f850093
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:6e:c9:a9:e5:42:50:ba:30:3c:72:8e:ab:3f:
                    06:1b:bf:02:b7:33:ac:0b:8e:77:62:09:6a:79:6e:
                    9d:10:8a:9b:49:ed:2d:dc:1e:08:d6:79:19:0a:18:
                    6b:75:c6:55:e6:81:8c:5b:5f:17:a4:ad:02:3b:4b:
                    b5:ec:8d:71:25:36:cc:ed:75:f1:5a:f7:43:c3:87:
                    6d:bb:a3:d3:dc:b0:06:77:9e:cc:32:44:de:f3:03:
                    0a:6b:9f:85:3c:5a:c8:4a:ec:ee:8f:91:5b:d8:36:
                    5a:10:bf:5a:7e:7a:c6:38:34:6c:22:79:55:67:9e:
                    48:0d:3e:e1:ca:25:35:1a:56:ce:02:e6:8f:dd:b5:
                    b8:46:da:a4:20:1f:c1:ab:e3:69:b6:3b:44:a6:c8:
                    7b:a0:04:82:c2:fa:e4:b1:6e:49:44:bd:66:79:d5:
                    69:5f:7c:cb:0f:56:01:64:e5:32:04:4d:c7:5f:e4:
                    33:d8:a1:7e:cb:b7:31:17:cd:84:5d:59:63:b0:f8:
                    4d:3c:d8:a6:01:7b:f8:27:40:c9:cb:f4:01:7b:27:
                    ba:d6:01:68:b3:a8:d3:31:68:78:a3:ec:fb:bb:b9:
                    36:9d:82:b3:33:d1:94:17:4c:49:ea:f2:49:c5:0e:
                    84:49:30:34:01:32:e6:21:b0:2a:dd:12:b0:4e:2b:
                    6d:39
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                D2:D3:A2:D8:DA:6C:3A:80:DD:17:F5:87:8D:E8:77:22:9F:85:00:93
            X509v3 Authority Key Identifier:
                keyid:AF:7F:4D:10:F0:19:43:41:07:B3:B5:DC:53:AC:9A:91:98:C5:C4:7D

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r39NEPAZQ0EHs7XcU6yakZjFxH0.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/d2749d-f773-471a-aca3-618d95fe3901/1/r39NEPAZQ0EHs7XcU6yakZjFxH0.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         9f:68:b8:14:d3:af:34:c2:21:ce:62:2b:af:ec:b5:da:23:94:
         89:75:c3:c9:bf:65:96:96:25:49:f8:20:06:8f:2b:77:37:a7:
         ec:93:e2:82:ca:92:3d:87:65:30:37:bd:2f:e7:71:3a:72:3b:
         f9:52:c9:73:76:73:54:4a:1c:33:79:88:32:06:22:31:cd:6c:
         f4:c3:85:7a:cb:27:89:bd:56:4a:16:72:d7:1a:17:80:f5:8a:
         4e:8d:a7:20:28:2f:bb:10:87:6a:6c:36:34:f5:57:34:2b:2b:
         60:e5:d2:53:69:18:56:c0:bc:38:37:ac:20:7b:1a:16:94:43:
         04:be:e1:bf:ad:56:6b:11:bb:08:09:19:2e:98:ca:30:a2:0a:
         57:65:be:70:ce:c0:1a:1e:52:bc:2f:13:fb:ac:b1:c5:bc:46:
         16:36:02:78:3e:ec:57:f2:19:dd:15:19:48:f2:72:0e:1e:44:
         49:38:60:7b:7e:7d:1c:e4:14:32:5f:01:5e:49:f3:b3:a8:75:
         96:d6:a1:b3:e4:73:14:63:05:d6:ce:a1:8e:75:4d:81:6a:b8:
         20:06:98:d3:f2:b6:d4:d3:c1:d0:01:af:69:5d:22:b6:a2:fb:
         bf:27:9c:2d:99:29:ff:36:e3:a9:38:0a:29:29:81:5e:af:9b:
         f1:1f:8a:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZkiVVa5zReljdnC0nRsxtwhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmN2Y0ZDEwZjAxOTQzNDEwN2IzYjVkYzUzYWM5YTkxOThj
NWM0N2QwHhcNMjUwOTA3MDQwMDQxWhcNMjUwOTA4MDQwMDQxWjAzMTEwLwYDVQQD
EyhkMmQzYTJkOGRhNmMzYTgwZGQxN2Y1ODc4ZGU4NzcyMjlmODUwMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwG7JqeVCULowPHKOqz8GG78CtzOs
C453YglqeW6dEIqbSe0t3B4I1nkZChhrdcZV5oGMW18XpK0CO0u17I1xJTbM7XXx
WvdDw4dtu6PT3LAGd57MMkTe8wMKa5+FPFrISuzuj5Fb2DZaEL9afnrGODRsInlV
Z55IDT7hyiU1GlbOAuaP3bW4RtqkIB/Bq+NptjtEpsh7oASCwvrksW5JRL1medVp
X3zLD1YBZOUyBE3HX+Qz2KF+y7cxF82EXVljsPhNPNimAXv4J0DJy/QBeye61gFo
s6jTMWh4o+z7u7k2nYKzM9GUF0xJ6vJJxQ6ESTA0ATLmIbAq3RKwTittOQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFNLTotjabDqA3Rf1h43odyKfhQCTMB8GA1UdIwQY
MBaAFK9/TRDwGUNBB7O13FOsmpGYxcR9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMt
NjE4ZDk1ZmUzOTAxLzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC9kMjc0OWQtZjc3My00NzFhLWFjYTMtNjE4ZDk1ZmUzOTAx
LzEvcjM5TkVQQVpRMEVIczdYY1U2eWFrWmpGeEgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAn2i4FNOv
NMIhzmIrr+y12iOUiXXDyb9llpYlSfggBo8rdzen7JPigsqSPYdlMDe9L+dxOnI7
+VLJc3ZzVEocM3mIMgYiMc1s9MOFessnib1WShZy1xoXgPWKTo2nICgvuxCHamw2
NPVXNCsrYOXSU2kYVsC8ODesIHsaFpRDBL7hv61WaxG7CAkZLpjKMKIKV2W+cM7A
Gh5SvC8T+6yxxbxGFjYCeD7sV/IZ3RUZSPJyDh5ESThge359HOQUMl8BXknzs6h1
ltahs+RzFGMF1s6hjnVNgWq4IAaY0/K21NPB0AGvaV0itqL7vyecLZkp/zbjqTgK
KSmBXq+b8R+KBA==
-----END CERTIFICATE-----